This topic contains 3 replies, has 2 voices. Last updated by Cristián Lávaque 3 years, 7 months ago.
Topic Author | Topic |
---|---|
Posted: Sunday Jun 9th, 2013 at 8:05 am #51698 | |
I apologize if this has been asked before. I’ve searched and couldn’t find an answer. Since my server was hacked a few days ago, I added the Sucuri monitoring tool to alert me to changes. Since I had to do a fresh install of the WordPress core files yesterday morning, I know I had installed a pristine copy. Yet today the monitoring tool reports that 4 core files have been changed because their checksums don’t match the pristine versions. The 4 files are: wp-admin/user-new.php When I look in these files and diff them against the pristing versions, I see this comment: // Modified for full plugin compatiblity. Notice compatibility is spelled incorrectly as well. Is this change something s2Member does or is it changed because of a backdoor left on my system? If it’s a change from the plugin, may I ask that you indicate as much in the comment by adding: // Modified for full plugin compatibility.–s2member |